openssh publickey auth not working any more

From: J. Carlos Castro (jcastro@att.net)
Date: 03/09/02 

From: "J. Carlos Castro" <jcastro@att.net>
Date: Fri, 8 Mar 2002 20:30:49 -0500

I am trying to set up publickey auth. Just upgraded from openssh 2.5 to 3.1
and
can't get it to work for the life of me. Here is a typescript of my
session.

Thanks,
Carlos

Script started on Fri Mar 08 17:29:00 2002
spazzo@host1 1> mkdir .ssh
spazzo@host1 2 > chmod 755 .ssh
spazzo@host1 3 > ssh-keygen -b 1024 -t rsa1
Generating public/private rsa1 key pair.
Enter file in which to save the key (/home/spazzo/.ssh/identity):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/spazzo/.ssh/identity.
Your public key has been saved in /home/spazzo/.ssh/identity.pub.
The key fingerprint is:
blah:blah:blah:blah:blah:blah:blah:blah:blah:blah:blah spazzo@host1
spazzo@host1 4 > ssh-keygen -b 1024 -t rsa1
Generating public/private rsa key pair.
Enter file in which to save the key (/home/spazzo/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/spazzo/.ssh/id_rsa.
Your public key has been saved in /home/spazzo/.ssh/id_rsa.pub.
The key fingerprint is:
blah:blah:blah:blah:blah:blah:blah:blah:blah:blah:blah spazzo@host1
spazzo@host1 5 > ssh-keygen -b 1024 -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/spazzo/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/spazzo/.ssh/id_dsa.
Your public key has been saved in /home/spazzo/.ssh/id_dsa.pub.
The key fingerprint is:
blah:blah:blah:blah:blah:blah:blah:blah:blah:blah spazzo@host1
spazzo@host1 6 > pwd
/home/spazzo
spazzo@host1 7 > cd .ssh
host1 /home/spazzo/.ssh 8 >cat *pub > authorized_keys
host1 /home/spazzo/.ssh 9 >ssh -v -v -v host1
OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f
debug1: Reading configuration data /etc/ssh_config
debug1: Applying options for *
debug3: cipher ok: aes128-cbc
[aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: 3des-cbc
[aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: blowfish-cbc
[aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: cast128-cbc
[aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: arcfour
[aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes192-cbc
[aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes256-cbc
[aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: ciphers ok:
[aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: Seeing PRNG from /opt/WUNossh/libexec/ssh-rand-helper
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 6969 geteuid 0 anon 1
debug1: Connecting to host1 [10.69.69.200] port 22.
debug1: temporarily_use_uid: 6969/6969 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 6969/6969 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: identity file /home/spazzo/.ssh/identity type 0
debug3: Not a RSA1 key file /home/spazzo/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: no key found
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: no key found
debug1: identity file /home/spazzo/.ssh/id_rsa type 1
debug3: Not a RSA1 key file /home/spazzo/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: no key found
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: no key found
debug1: identity file /home/spazzo/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version
OpenSSH_2.5.2p2
debug1: match: OpenSSH_2.5.2p2 pat
OpenSSH_2.5.0*,OpenSSH_2.5.1*,OpenSSH_2.5.2*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.1p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r
ijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r
ijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 137/256
debug1: bits set: 549/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/spazzo/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh_known_hosts
debug3: check_host_in_hostfile: filename /home/spazzo/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh_known_hosts
The authenticity of host 'host1 (10.69.69.200)' can't be established.
RSA key fingerprint is
blah:blah:blah:blah:blah:blah:blah:blah:blah:blah:blah
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'host1,10.69.69.200' (RSA) to the list of known
hosts.
debug1: bits set: 500/1024
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: next auth method to try is publickey
debug1: try pubkey: /home/spazzo/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue: publickey,password
debug1: try pubkey: /home/spazzo/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: next auth method to try is password
spazzo@host1's password:
debug1: packet_send2: adding 64 (len 52 padlen 12 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: authentications that can continue: publickey,password
Permission denied, please try again.
spazzo@host1's password:
debug1: packet_send2: adding 64 (len 52 padlen 12 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: authentications that can continue: publickey,password
Permission denied, please try again.
spazzo@host1's password:
debug1: packet_send2: adding 64 (len 52 padlen 12 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug1: no more auth methods to try
Permission denied (publickey,password).
debug1: Calling cleanup 0x3d120(0x0)
host1 /home/spazzo/.ssh 10 >exit
script done on Fri Mar 08 17:31:23 2002

Relevant Pages